Cross site scripting (XSS) vulnerability in Zoho ManageEngine ServiceDesk Plus 14 via the comment field when changing the credentials in the Assets.
https://www.manageengine.com/products/service-desk/CVE-2023-23078.html
https://bugbounty.zohocorp.com/bb/#/bug/101000006458675?tab=originator